Skip to content

semver related CVE and release #821

Description

@tyriis

I'm submitting a...

  • Bug report
  • Feature request
  • Question

Current behavior

I am using db-migrate in many projects, there is a fixed vulnerability in the semver dependency.
Currently our security checks are failing.
https://cwe.mitre.org/data/definitions/1333.html

Expected behavior

semver should be updated to >= 7.5.2

Minimal reproduction of the problem with instructions

npm audit

What is the motivation / use case for changing the behavior?

We <3 security.

Environment


db-migrate version: 0.11.13

Additional information:
- Node version: v20.3.1
- Platform: Linux

Others:
Thanks for your work.
It would be great to have a release or pre-release of current state :)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions